KDmitrii
just joined
Topic Author
Posts: 16
Joined: Wed Dec 09, 2015 8:32 am
Location: Kyrgyzstan

Transparent firewall

Wed Mar 22, 2017 12:24 pm

Hello Gentlemen!
Tell me please, can RouterOS work as a transparent mode firewall? Such as Cisco ASA.

The scheme is as follows: ISP --> Mikrotik SW --> multiple servers.
The task is to defend my servers against DDoS or other intrusion from the outside.
 
okazdal
Trainer
Posts: 25
Joined: Fri Aug 07, 2015 4:44 pm

Re: Transparent firewall

Wed Mar 22, 2017 2:05 pm

Hello,
You can have MikroTik work as a layer 3 stateful firewall. And I must add it is a very good stateful firewall. I have many customers who replaced their Cisco ASA with a CCR MikroTik router.

DDoS and intrusion prevention depend on the kind of attack. You have very good tools to fight against DDoS attacks. But when you think about it, if a DDoS attack arrived at your firewall, that means it was successful.

MikroTik does not work like an application layer firewall like Palo Alto.

Osman Kazdal
 
KDmitrii
just joined
Topic Author
Posts: 16
Joined: Wed Dec 09, 2015 8:32 am
Location: Kyrgyzstan

Re: Transparent firewall

Wed Mar 22, 2017 5:23 pm

Thank you very much Osman Kazdal!
Can you tell me more about the settings of your equipment? How did you solve the problem with DDoS? Can you show me the rule or instruction?
I have heard about Palo Alto, but unfortunately have not dealt with them.

Best Regards
Dmitrii
 
R1CH
Forum Guru
Posts: 1108
Joined: Sun Oct 01, 2006 11:44 pm

Re: Transparent firewall

Wed Mar 22, 2017 6:34 pm

A typical DDoS involves bandwidth exhaustion; you cannot defend against it without upstream filtering. By the time your firewall is inspecting the packets, your uplink is already saturated and useless.
 
soulflyhigh
Member Candidate
Posts: 180
Joined: Wed Sep 08, 2010 11:20 am

Re: Transparent firewall

Wed Mar 22, 2017 8:06 pm

> A typical DDoS involves bandwidth exhaustion; you cannot defend against it without upstream filtering. By the time your firewall is inspecting the packets, your uplink is already saturated and useless.

Yes, the attacker simply saturates your internet connection with gigabits/sec of "junk traffic" BEFORE your firewall can do anything really useful.
Ask your ISP if they can offer you some kind of DDoS protection as a paid service.

Regards,
M.
 
okazdal
Trainer
Posts: 25
Joined: Fri Aug 07, 2015 4:44 pm

Re: Transparent firewall

Thu Mar 23, 2017 11:04 am

Hi again,
I would suggest you watch MUM presentations by Tom Smyth and Wardner Maia. Their presentations are a great start to give you pointers and ideas about what you should do against DDoS.
Below are the links to their presentations. I think you can also find videos.
https://mum.mikrotik.com//presentations/US12/tom.pdf
https://mum.mikrotik.com//presentations ... 752556.pdf

Osman Kazdal
